List:       focus-ids
Subject:    New SMB and DCERPC features on Impacket released with doc
From:       Gerardo Richarte <lists () core-sdi ! com>
Date:       2006-05-29 18:15:32
Message-ID: 447B3A44.3060305 () core-sdi ! com

Hi!

    As we promised in the too short 5 minutes talk at CanSecWest last month, here we
are publishing a new version of Impacket including all the new features we added for
SMB and DCERPC. At the same time we are releasing a document describing what these new
and weird features are, full of examples of how to use them, including a crash for
MS05-039 (UMPNP remotely exploitable buffer overflow), written in python using this
library, which can be used as a base for other DCERPC exploits and configured in lots
of different ways to send non-standard and correct traffic.

    Some of the new features are:

    * NMB and SMB (high-level implementations).
    * DCE/RPC versions 4 and 5, over different transports: UDP (version 4
      exclusively), TCP, SMB/TCP, SMB/NetBIOS and HTTP.
    * Multiple ways of doing SMB tree_connect, file open, read, write.
    * SMB "fragmentation", SMB AndX command chaining.
    * Plain, NT and LM v1 authentications, using password and hashes only.
    * Portions of the following DCE/RPC interfaces: Conv, DCOM, EPM, SAMR, SvcCtl,
      WinReg.
    * DCERPC Alternate contexts, Multi-bind requests, Endianness selection
    * DCERPC NT and LM v1 authentication, integrity checking and encryption.
    * DCERPC v4 and v5 fragmentation, DCERPC v4 idempotent requests.

    take a look here:

http://www.corest.com/common/showdoc.php?idx=539&idxseccion=11

    and send feedback, to us

    gera and beto

